I have two redundant servers. One will be in an active state at any time and the other will be in a backup or reserve state at any time. The backup server will use fake to take over the IP address of the active server when it needs to become active. Fake works by sending gratuitous arp messages, basically convincing any local hosts or switches that it owns that IP address even though the originally active host is still claiming to own that IP address. Basically, it shouts louder than the other host.

Interestingly, it's very difficult for one of the two hosts to determine it's own state. If a server does not have that main IP address, we know it's not active. If it does and it's running fake, we can say it is active. If, however, it has the main IP and is not running fake, we don't know. IE The original main server doesn't know when the backup server has taken over or not.

Unless! We can analyse the flow of arp messages. If a machine has the main IP and it can see a ton of gratuitous arp claiming someone else has that main IP, I can pretty sure the backup machine has taken over.

So, does anyone have advice for how I could watch the flow of arp packets?

Thanks!

--Pileofrogs

Update

I found Net::Pcap and NetPacket::ARP, and I'm a happy guy.

In reply to Arp Anyone? by pileofrogs

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.